Am 22.04.24 um 10:47 schrieb Jack Xiao:
Delete fence fallback timer to fix the ramdom
use-after-free issue.
That's already done in amdgpu_fence_driver_hw_fini() and absolutely
shouldn't be in amdgpu_ring_fini().
And the kfree(ring->fence_drv.fences); shouldn't be there either since
that is done in amdgpu_fence_driver_sw_fini().
Regards,
Christian.
Signed-off-by: Jack Xiao <Jack.Xiao@xxxxxxx>
---
drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c
index 06f0a6534a94..93ab9faa2d72 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c
@@ -390,6 +390,7 @@ void amdgpu_ring_fini(struct amdgpu_ring *ring)
&ring->gpu_addr,
(void **)&ring->ring);
} else {
+ del_timer_sync(&ring->fence_drv.fallback_timer);
kfree(ring->fence_drv.fences);
}
